CFPB's PayPal Complaint Breaks New Ground

Posted on May 25, 2015 7:55am PDT

Bridgeforce Law analyzed details of the settlement between CFPB and PayPal,
which sheds new light on the CFPB's interpretation of the "abusive"
prong of UDAAP.

Overview

On May 19, 2015, PayPal agreed to settle CFPB allegations of violations
of the unfair, deceptive, and abusive acts or practices (UDAAP) provisions
of the Consumer Financial Protection Act (CFPA) related to its PayPal
Credit product. The proposed Consent Order filed by the CFPB with the
United States District Court for the District of Maryland requires PayPal
to pay $15 million in compensation to consumers and a $10 million civil
penalty. In addition, PayPal must submit to the CFPB for non-objection,
“a comprehensive compliance plan designed to ensure that [PayPal’s]
offering, marketing, and providing of PayPal Credit complies with [the]
Order.” (Order ¶ 42.) As further discussed below, the Complaint
filed together with the proposed Order both further clarifies the CFPB’s
interpretation of the “abusive” prong of UDAAP and offers
several general lessons for creditors.

PayPal Credit, formerly Bill Me Later, is an online, open-end, consumer
credit product that allows consumers to pay for purchases online and in
certain stores. The product is offered to consumers on eBay, as well as
the websites of thousands of other online merchants. PayPal Credit is
used by consumers to fund purchases made using PayPal—the consumer
pays for an item using PayPal, and the amount of the purchase is charged
to PayPal Credit. A customer’s PayPal and PayPal Credit accounts
may be linked so that all PayPal transactions are charged to PayPal Credit
by default. When linked to a PayPal account, PayPal Credit gives consumers
the same functionality as an online credit card.
[1]

All six Counts contained in the CFPB’s Complaint are based solely
on violations of UDAAP:

Count I - Unfair Acts or Practices related to the Enrollment of Consumers
in PayPal Credit

Count II - Unfair Acts or Practices related to Defendants’ Use of
PayPal Credit as a Payment Method

Count III - Unfair Acts or Practices Related to Payments

Count IV - Deceptive Advertising

Count V - Abusive Deferred-Interest Acts or Practices

Count VI - Unfair Billing Dispute Practices

Although UDAAP is always used in singular tense in colloquial conversation,
each of the three standards that together comprise UDAAP (i.e.
unfair,
deceptive, or
abusive acts or practices) has its own legal standard. Regarding the unfair and
deceptive standards, the Narrative to the UDAAP section of the CFPB Supervision
and Examination Handbook notes that:

The principles of “unfair” and “deceptive” practices
in the [CFPA] are similar to those under Section 5 of the Federal Trade
Commission Act (FTC Act). The Federal Trade Commission (FTC) and federal
banking regulators have applied these standards through case law, official
policy statements, guidance, examination procedures, and enforcement actions
that may inform CFPB. (UDAAP Narrative, footnote 2
[2].)

Consistent with longstanding FTC interpretations, an act or practice is
“unfair” for purposes of the CFPA when: (i) it causes or is
likely to cause substantial injury to consumers, (ii) the injury is not
reasonably avoidable by consumers; and (iii) the injury is not outweighed
by countervailing benefits to consumers or to competition. (UDAAP Narrative,
pp. 174-178.) Likewise consistent with FTC interpretations, an act or
practice is “deceptive” under the CFPA when: (i) there is
a representation, omission, act or practice that misleads or is likely
to mislead; (ii) the consumer’s interpretation of the representation,
omission, act or practice is reasonable under the circumstances; and (iii)
the misleading representation, omission, act, or practice is material.
(UDAAP Narrative, pp. 178-181.)

The “abusive” standard of the CFPA has no direct parallel in
the FTC Act; albeit, elements of the abusive standard closely resemble
the unfair and deceptive standards. Section 1031(d) of the CFPA (12 U.S.C.
§ 5531(d)) defines “abusive” as follows:

(d) Abusive

The Bureau shall have no authority under this section to declare an act
or practice abusive in connection with the provision of a consumer financial
product or service, unless the act or practice—

materially interferes with the ability of a consumer to understand a term
or condition of a consumer financial product or service; or

takes unreasonable advantage of—

a lack of understanding on the part of the consumer of the material risks,
costs, or conditions of the product or service;

the inability of the consumer to protect the interests of the consumer
in selecting or using a consumer financial product or service; or

the reasonable reliance by the consumer on a covered person to act in the
interests of the consumer.

Although the facts underlying each of the six counts stated in the Complaint
are instructive regarding the types of actions or omissions that are likely
to result in formal enforcement action, only Count V, which concerns PayPal’s
application of PayPal Credit payments made in excess of the minimum periodic
amount due (excess payments), breaks new legal ground. Specifically, Count
V marks the first time the CFPB has applied Subsection 1031(d)(2)(B) to
circumstances involving the use, versus the selection, of a consumer financial
product or service. Moreover, unlike the earlier enforcement actions involving
the selection of a product or service, there is no indication that the
CFPB considered the affected PayPal Credit customers to be highly vulnerable
(i.e. based on poverty, old age, military status, etc.) with respect to
the ability to protect their interests.
[3]

As noted earlier, PayPal Credit is not a credit card for purposes of Regulation
Z because purchases are never made using, or charged directly to, the
customer’s PayPal Credit account. PayPal’s payment allocation
practices during the time period in question, however, appear to have
been consistent with Regulation Z’s payment allocation requirements
for credit card relationships. Under Regulation Z, credit card payments
must be applied “first to the balance with the highest annual percentage
rate and any remaining portion to the other balances in descending order
based on the applicable annual percentage rate.” (12 CFR §
1026.52.) Moreover, when multiple credit card balances have the same annual
percentage rate, Regulation Z does not require any particular method for
allocating payments among those balances. (12 CFR § 1053, Official
Interpretation No. 4, Supplement I to Regulation Z.) Furthermore, when
a balance is subject to a deferred interest program that does not require
the customer to pay accrued interest so long as the balance is repaid
in full prior to the expiration of a specified period of time, the deferred
balance must be treated as having an annual percentage rate of zero (0)
during the deferral period.
[4] Finally, certain “special rules” apply to deferred interest
credit card programs:

(b)
Special rules—(1)
Accounts with balances subject to deferred interest or similar program. When a balance on a credit card account under an open-end (not home-secured)
consumer credit plan is subject to a deferred interest or similar program
that provides that a consumer will not be obligated to pay interest that
accrues on the balance if the balance is paid in full prior to the expiration
of a specified period of time:

(i)
Last two billing cycles. The card issuer must allocate any amount paid by the consumer in excess
of the required minimum periodic payment consistent with paragraph (a)
of this section, except that, during the two billing cycles immediately
preceding expiration of the specified period, the excess amount must be
allocated first to the balance, subject to the deferred interest or similar
program and any remaining portion allocated to any other balances consistent
with paragraph (a) of this section; or

(ii)
Consumer request. The card issuer may at its option allocate any amount paid by the consumer
in excess of the required minimum periodic payment among the balances
on the account in the manner requested by the consumer.

The facts recited in the Complaint in support of Count V describe how PayPal
applied payments received from PayPal Credit customers. Specifically,
“before early 2013, [PayPal’s] practice was to apply payments
in excess of the minimum payment proportionally to all deferred-interest
promotional balances with the same rate, regardless of expiration date,
unless a promotion was expiring within two cycles, in which case payments
would be applied to that promotion.” (Complaint ¶ 36.). Moreover,
PayPal represented to customers that they could “contact [PayPal’s]
customer service representatives if they wanted more information about
the product, including payment allocation and how much they would need
to pay to avoid paying interest (Complaint ¶ 37),” or to “request
that payments be allocated to specific balances in a way other than PayPal’s
default method for applying payments.” (Complaint ¶ 38.)

According to the Complaint, PayPal failed to provide consumers “adequate
information to allow them to understand how [PayPal] applied payment to
various balances and how much consumers needed to pay to avoid interest.”
(Complaint ¶ 35.) Regarding the ability of customers to request that
excess payments be allocated in a particular way, the Complaint further
provides that “many consumers could not reach a customer service
agent at all, or [PayPal] ignored such re-allocation requests, or allocated
payments differently than consumers requested. (Complaint ¶ 38).”

If one accepts that PayPal’s application of excess payments generally
complied with Regulation Z’s payment allocation rules, the CFPB’s
finding of abusive acts or practices necessarily hinges on PayPal’s
alleged misconduct concerning its handling of customers’ special
requests to allocate payments. In this regard, the Complaint describes
PayPal’s actions in terms indicative of deliberate and wrongful
behavior; i.e. “[PayPal
purported to allow customers to control the allocation of payments. . .and when
consumers made specific allocation requests, [PayPal] often
ignored such requests or allocated payments differently than consumers requested.”
(Complaint ¶ 73.) Absent this egregious behavior, it is highly unlikely
that the CFPB would have invoked the CFPA’s abusive standard. To
this end, although the Complaint states that PayPal “provided little
information to consumers about how it allocated payments… (Complaint
¶ 72),” that failure, standing alone, would amount to conduct
that was deceptive, but not abusive.

Aside from clarifying the scope of the CFPA’s abusive standard under
Subsection 1031(2)(B), the CFPB’s finding that PayPal engaged in
abusive acts or practices in allocating payments offers several important
lessons. First, it reinforces that UDAAP extends beyond the letter of
the law in two ways: (i) if a consumer account is structured in such a
way that regulatory requirements do not apply (i.e. Regulation Z’s
payment allocation rules for credit card accounts are inapplicable to
PayPal Credit), UDAAP allows the CFPB to fill the gap; and (ii) the fact
that regulatory requirements may have been met (i.e. if Regulation Z had
applied, PayPal’s methodology for applying excess payments was technically
compliant) affords limited defense if the CFPB finds that customers were
treated improperly. Second, and most importantly, promises made to customers
must be kept and, in the hopefully rare but inevitable instances where customers
do not receive all they were led to expect, promises should never be capable
of being viewed as having been flaunted.

Finally, the fact that the CFPB’s pursued formal enforcement action
against PayPal demonstrates that the ability of the CFPB to enforce UDAAP
under the CFPA broadly extends to almost any person engaged in the offering
of consumer products and services, and not just to those entities that
are supervised and examined by the CFPB.

How Bridgeforce Law Can Help

Bridgeforce Law can provide assistance with respect to both assessing the
current state of your institution’s compliance with the CFPB and
its ability to meet supervisory expectations for an effective compliance
program—such as those outlined above.

[1] For purposes of the Truth-In-Lending Act (TILA) and Regulation Z, a credit
card includes an account number that may be used by a consumer to access
an open-end credit account in making online purchases of goods and services,
even if no plastic or other physical access devices is issued to the consumer.
(Regulation Z, Supplement I, Official)

[2] Interpretation 2(ii)(C), interpreting 12 CFR § 1026.2(a)(15)(i)(definition
of the term, “credit card”). PayPal Credit does not constitute
a credit card under this definition because purchases are not made using,
or charged directly to, the customer’s PayPal Credit account.

[4] According the Complaint, subsequent to the first quarter of 2013, “if
a consumer had any balance on any deferred interest promotions expiring
in the following two billing cycles, [PayPal] began allocating even minimum
payments to promotional balances before revolving balances.” (Complaint
¶ 39.) Based on the above-cited Official Interpretation of Regulation
Z, that practice would be impermissible if PayPal Credit were a credit
card product.